Cybersecurity News


Vaccine passports: Is your personal data in safe hands?

Vaccination passports may facilitate the return to normalcy, but there are also concerns about what kinds of personal data they collect and how well they protect it. Here’s what you should know.

The post Vaccine passports: Is your personal data in safe hands? appeared first on WeLiveSecurity

31 August 2021

HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform

HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform HPE joins Apple in warning customers of a high-severity Sudo vulnerability.
30 August 2021

Army Testing Facial Recognition in Child-Care Centers

Army Testing Facial Recognition in Child-Care Centers Army looking for AI to layer over daycare CCTV to boost ‘family quality of life.’
30 August 2021

The Underground Economy: Recon, Weaponization & Delivery for Account Takeovers

The Underground Economy: Recon, Weaponization & Delivery for Account Takeovers In part one of a two-part series, Akamai's director of security technology and strategy, Tony Lauro, lays out what orgs need to know to defend against account takeover attacks.
30 August 2021

Microsoft Exchange ‘ProxyToken’ Bug Allows Email Snooping

Microsoft Exchange ‘ProxyToken’ Bug Allows Email Snooping The bug (CVE-2021-33766) is an information-disclosure issue that could reveal victims' personal information, sensitive company data and more.
30 August 2021

LockBit Gang to Publish 103GB of Bangkok Air Customer Data

LockBit Gang to Publish 103GB of Bangkok Air Customer Data The airline announced the breach on Thursday, and the ransomware gang started a countdown clock the next day.
30 August 2021

T-Mobile’s Security Is ‘Awful,’ Says Purported Thief

T-Mobile’s Security Is ‘Awful,’ Says Purported Thief John Binns, claiming to be behind the massive T-Mobile theft of >50m customer records, dissed the security measures of the US's No. 2 wireless biggest carrier. T-Mobile is "humbled," it said, announcing new partnerships with security heavyweights on Friday.
28 August 2021

Parallels Offers ‘Inconvenient’ Fix for High-Severity Bug

Parallels Offers ‘Inconvenient’ Fix for High-Severity Bug Firm offers guidance on how to mitigate a five-months-old privilege escalation bug impacting Parallels Desktop 16 for Mac and all previous versions.
27 August 2021

Experts: WH Cybersecurity Summit Should Be Followed by Regulation, Enforcement

Experts: WH Cybersecurity Summit Should Be Followed by Regulation, Enforcement Amazon, Google, Microsoft etc. making major commitments to shore up nation’s cyber-defenses just won't be enough, researchers say.
27 August 2021

Winning the Cyber-Defense Race: Understand the Finish Line

Winning the Cyber-Defense Race: Understand the Finish Line Kerry Matre, Mandiant senior director, clears up misconceptions about the value to business for enterprise cyber-defense. Hint: It's not achieving visibility.
27 August 2021

FIN8 Targets US Bank With New ‘Sardonic’ Backdoor

FIN8 Targets US Bank With New ‘Sardonic’ Backdoor The latest refinement of the APT's BadHatch backdoor can leverage new malware on the fly without redeployment, making it potent and nimble.
27 August 2021

Critical Azure Cosmos DB Bug Allows Full Cloud Account Takeover

Critical Azure Cosmos DB Bug Allows Full Cloud Account Takeover It's unclear if Microsoft customers were breached during the months-long period where the #ChaosDB bug in Jupyter Notebooks was exploitable.
27 August 2021

Week in security with Tony Anscombe

ESET research discovers SideWalk backdoor – Why data breach costs have never been higher – 620,000 personal pictures stolen from iCloud accounts

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

27 August 2021

Ragnarok Ransomware Gang Bites the Dust, Releases Decryptor

Ragnarok Ransomware Gang Bites the Dust, Releases Decryptor The cybercriminal group, active since late 2019, has closed its doors and released the key to unlocking victims’ files on its dark web portal.
27 August 2021

Top Strategies That Define the Success of a Modern Vulnerability Management Program

Top Strategies That Define the Success of a Modern Vulnerability Management Program Modern vulnerability management programs require a strategy that defines what success means for your organization’s cybersecurity goals. By incorporating a few simple cyber hygiene routines to your daily security routine, you’ll set up your IT teams to be better equipped to steer off cyberattacks.
27 August 2021

‘Pay Ransom’ Screen? Too Late, Humpty Dumpty – Podcast

‘Pay Ransom’ Screen? Too Late, Humpty Dumpty – Podcast Splunk’s Ryan Kovar discusses the rise in supply-chain attacks a la Kaseya & how to get ahead of encryption leaving your business a pile of broken shells. 
27 August 2021

Parents of teens who stole $1 million in Bitcoin sued by alleged victim

Clipboard malware was developed with the sole purpose of stealing cryptocurrency.
27 August 2021

US charges HeadSpin ex-CEO over fake $1bn valuation scheme

The SEC claims the startup's metrics were inflated.
27 August 2021

Beyond the pandemic: Why are data breach costs at an all‑time high?

It might be tempting to blame the record-high costs of data breaches on the COVID-19 pandemic alone. But dig deeper and a more nuanced picture emerges.

The post Beyond the pandemic: Why are data breach costs at an all‑time high? appeared first on WeLiveSecurity

27 August 2021

Man Sues Parents of Teens Who Hijacked Nearly $1M in Bitcoin

Man Sues Parents of Teens Who Hijacked Nearly $1M in Bitcoin Now adults, the then-teens apparently used clipboard hijacking malware to steal Bitcoin.
26 August 2021